Every now and again I hear otherwise sensible security people question why they should improve their security controls, when increasing their cyber-insurance coverage seems much easier and less costly, as if they were alternatives to one another. To me this is akin to debating whether it is better to eat right and stay fit or buy more health insurance coverage. To be clear, cyber-insurance is not a substitute for having strong and sensible security controls, just as health insurance is not a substitute for healthy living. Why is this?
Firstly, cyber-insurance can’t reasonably cover the non-quantifiable but quite real losses associated with breaches, such as brand impact, hits to customer goodwill, and staff time wasted responding to incidents. Secondly, as a recent US federal court decision regarding a rather easy-to-defend-against, email-enabled attack highlighted, whether a successful attack is even covered is debatable and will often need to be fought out in court to find out for sure. Thirdly, and very logically, insurance companies that write cyber-insurance are increasingly measuring organizations’ security posture and maturity to determine pricing and level of coverage. If your “cyber-health” is poor, expect to pay more, just as health coverage costs more for smokers than for non-smokers.
Clearly the takeaway of this blog is that security controls and cyber-insurance are complements and not substitutes. And given the relative immaturity of the cyber-insurance industry, the difficulty of determining what is covered, and the constantly evolving creativity of the attackers, good IT risk management practice calls for having effective security controls that are backed up with cyber-insurance coverage that can help take the edge off a successful attack. Think complements, not substitutes.
Last week at Black Hat Europe, Mimecast had the pleasure of meeting hundreds of people from around the world. Many conversations were had and, with security being the focus of the conference, Mimecast was able to demonstrate exactly how our products are evolving to stop the never-ending cybersecurity threats. I was able to provide multiple presentations in our booth on how Mimecast’s Targeted Threat Protection tools protect, as well as educate, users, making them think before they click. Here are some top moments from the event:
The Mimecast Team met at 8am Thursday morning for a booth meeting and were ready to go once the people started flowing in. On the first day, we found ourselves speaking with a number of students and Ph.D. candidates who saw tremendous value in providing education in line with our protection tools.
Mimecast’s very own Product Manager for Security, Steve Malone, as well as several other members of the Product Management Team, stopped by the booth to check in on the Mimecast Team and engage Black Hat attendees in great conversations about what our products are doing and where we see the future of our products evolving.
Thursday closed and the Mimecast Team moved down the street to the Albion and met with several news sources to discuss the day’s events and to help spread our message. In what you would envision as a typical London setting – dim restaurant, wooden tables, and a warm fire on a rainy night – a lot of friendships were made between coworkers and attendees alike.
Friday morning started with energy – I was lucky enough to be able to continue in-booth presentations throughout the day, leading up to a standing-room-only theater presentation discussing the powerful fact that 91% of attacks start with an email. Attendees were walked through the anatomy of a phishing attack and shown exactly how their data is being gathered and used against them in a variety of ways. A quote from Mimecast co-founder Neil Murray that echoed at Black Hat Las Vegas was equally as powerful during the presentation – “The risk doesn't go away, it just changes its nature.” Attackers are evolving and Mimecast aims to evolve faster to stay ahead of emerging threats.
In an interesting turn of events, an attendee from my theater presentation was interested in discussing Mimecast’s products and our thoughts on cybersecurity further. Bruno, as he identified himself, was a reporter on cybersecurity from Italy. I was lucky enough to sit down for a 20-minute interview with Bruno and, throughout our conversation, I found he is also a white hat hacker for several large organizations. Our conversation continued well past the interview until almost an hour later when the announcement for the close of Black Hat Europe was upon us.
As Friday, the final day, came to a close, Mimecast gave away Ray Bans, a BB-8 Star Wars droid, and other great prizes to some lucky winners. Some of the Mimecast team joined me for dinner and we reflected on the past few days and found we all had a wide variety of interesting conversations.
Overall, Mimecast came to London with high hopes, was met with a lot of great questions, and we left looking forward to next year. Until then everyone, keep your email safe!
The just-released The Forrester Wave™: Information Archiving Cloud Providers, Q4 2016 provides a fascinating touchpoint on the rapid evolution of the State of Archiving. We hold Forrester Research in high regard as a global leader in research and advisory services.
The report is based on service demos and interviews with both vendors and users. It’s an honor just to be included in this report, let alone to have earned Forrester’s recognition as a “Strong Performer.” We’re delighted to have our archiving business recognized in this way.
As a snapshot of the archiving market, we feel the report offers three key insights worth reflecting upon.
TAKEAWAY #1: THE FORRESTER WAVE REPORT PUTS MIMECAST IN THE COMPANY OF AN INTERESTING MIX OF VENDORS
We fully expected to see some familiar rivals in this report, and in this the Forrester analysts didn’t disappoint. Yet there were a few surprises as well. Certain vendors that our customers frequently ask about somehow didn’t make the report.
On the other hand, there were some vertical-market specialists that rarely if ever come up in customer conversations, or even in other analysts’ archiving market research. We were also a bit surprised to see some well-known Enterprise Content Management (ECM) specialists in the mix.
TAKEAWAY #2: THIS REPORT SAYS A LOT ABOUT THE FLUID STATE OF ARCHIVING
Mimecast was founded in 2003 as an archiving SaaS provider. Archiving is in our DNA.
Understandably, other vendors bring their own unique origin stories. Those represented here include companies with roots in records management, instant messaging, and content workflow automation. There are vendors here who rose to success by focusing on call center customers, financial services providers, law firms, and other verticals.
What brings us all together? The domination of knowledge work, the emergence of information retention regulations, and the spiraling legal exposure that all organizations face.
TAKEAWAY #3: WE DO WHAT WE DO THANKS TO OUR CUSTOMERS
We developed our proprietary Mime|OS both to leverage cloud economies and to overcome cloud scale, performance, and other challenges. Then, as we all know, the web matured, and with it, cybercrime. As these threats morphed and mushroomed, our customers’ needs expanded.
In responding to these needs, we found that Mime|OS provided the ideal foundation for delivering new categories of security and continuity services. More recently, our Mime|OS and unified cloud architecture have proven a boon for simplifying the buildout of our API library, which in turn will let us accelerate the pace of service expansion.
Further, without our customers, there’d be no Legendary Customer Success.
THANKS FOR THE PRIVILEGE
So again, we’re indebted to the analyst community for recognizing our hard work and accomplishments. We also recognize the contributions of our partners, for teaming with us, and sharing our successes. Finally, infinite thanks to our customers. You keep us focused and offer vital course-correction in this fast-paced world.
We wouldn’t have it any other way.
The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc.
It takes just half a second to infect a computer with ransomware, but affected companies deal with the fallout for months. The FBI estimates that more than 4,000 ransomware attacks occur each day in the U.S. – representing a 300% increase over 2015 alone. What's more, cybercriminals can get started for just a small investment: Forbes reports that one $39 program encrypts files, deploys from a variety of file formats, and deletes files at random intervals when the ransom isn't paid. Yet the price for companies affected by ransomware is much steeper. In addition to the ransom itself, companies facing ransomware are often unprepared for the true cost of dealing with attackers, getting systems back online and handling potential brand damage and lost productivity.
The Ransom is Expensive – But It's the Least Important Cost
Ransomware is a strain of malware that encrypts data on organizations' computers, servers or user devices, locking them down, before demanding payment of a ransom – often in Bitcoin or another non-traceable currency – in exchange for decrypting the data. According to the FBI, the costs of the ransom plus staff time in recovering the data average about $330,000 per incident. The ransom itself varies, but is just a fraction of the costs that organizations face. One high-profile case required a Hollywood-based hospital to pay $17,000 to regain access to its data. Yet the financial outlay from paying the actual ransom is typically far less than the collateral damage.
Quantifying the Real Costs of Ransomware Attacks
Employees' productivity declines: Lost employee productivity is a major ransomware cost. When your team is unable to access email, customer information, and other essential systems, they're not able to get their work done and keep your business moving forward. According to the Aberdeen Group, the cost of downtime per hour ranges from $8,581 for small businesses to an astronomical $686,250 for enterprises. An outage of just one day can range between $205,944 and $16,470,000. Email continuity systems can keep your employees connected and working even during an attack.
Customers' access impacted: If locked-down systems or encrypted data are linked to the customer experience, the financial damages can be further reaching. From brand damage to the inability to get customers what they need, lack of access to data can bring client-facing operations to a grinding halt. For example, in a healthcare setting clinical staff may be unable to access treatment or prescription data and need to send patients to another facility. Banks may be unable to accept deposits or provide accurate balance information via online banking portals. Customers who find out about ransomware attacks can develop negative brand associations and question both employee judgment and infrastructure security. It's hard to quantify the losses, but stock prices can drop and customers can take their business to the competition.
Potential regulatory and compliance fines: In certain industries, compromised data can be seen as a security failing. Each breach or ransomware attack can lead to regulatory fines and penalties, such as in the healthcare industry or in banking. In healthcare, for example, HIPAA-covered organizations can face fines between $10,000 and $25,000 per incident – up to a maximum of $1 million per year. Nominal investments in the right solutions and employee training can help prevent ransomware attacks and recoup the investment many times over.
The cost of recovery and the potential for data damage: Restoring data after a ransomware attack isn't fail-proof or inexpensive. Key files may be deleted or inadvertently damaged during the restoration process. Bugs in the decryption software can lead to data losses. Even if decryption proceeds smoothly, businesses have to invest in IT staff time to get back online. Often a ransomware event also signals a complete forensic analysis of the current setup, network vulnerabilities, and investments and strategies to prevent future issues, which are time-consuming and potentially expensive.
Your team works hard to attract and serve your customers. Don't let a ransomware attack derail your business and have a negative impact on your bottom line. Mimecast's layered solution brings together email protection, business continuity and data replication capabilities into a single cloud solution that helps you protect against the threat of ransomware.
Contact us today to learn more.